Enterprise Architecture- Based Risk and Security Modelling ...
Transcript of Enterprise Architecture- Based Risk and Security Modelling ...
![Page 1: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/1.jpg)
Enterprise Architecture-Based Risk and Security Modelling and Analysis
Henk Jonkers & Dick Quartel
GraMSec 2016Lisbon, June 27, 2016
![Page 2: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/2.jpg)
About BiZZdesign
• Global software company, founded in 2000
• Tools, methods & best practices, training, consultancy
• Collaborative business design platform
for powerful, integrated
modelling across multiple
disciplines
• Strong roots in research
and innovation
• Industrial partner in
![Page 3: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/3.jpg)
Agenda
• Why Enterprise Risk & Security Management (ERSM)?
• Enterprise Architecture & ArchiMate
• Risk & Security Modelling in ArchiMate
• The ERSM Cycle
• Risk Analysis & Visualisation
• Example & Demo
• Summary & Conclusions
![Page 4: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/4.jpg)
Problem Statement
• Organizations are increasingly networked and thus more complex
• Attacks on information systems are getting
more sophisticated
• Attacks use digital and physical
access, and social engineering
• Traditional risk management methods
cannot handle the resulting complexity
![Page 5: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/5.jpg)
Limitations of Traditional Approaches
• Existing information security and risk management
methods do not systematically identify potential attacks
• They are based on, e.g., checklists, heuristics and experience
• Security controls are applied in a bottom-up way
• They are not based on a thorough analysis of risks and vulnerabilities
• No explicit definition of security principles and requirements
• Focus on just IT/information security
• They have difficulties in dealing with
complex attacks on socio-technical
systems, which combine physical and
digital access, as well as social engineering
• Focus on preventive security controls
• Corrective and curative controls
are not considered
→ Trade-off between security, costs, and usability
(Avoid “security overkill”)
![Page 6: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/6.jpg)
Enterprise Risk & Security Management
• Integral approach to security: protection of
business, information, application and
technology assets
• Structured identification and analysis of
risks and vulnerabilities
• Supports strategic risk management
• Supports “Security by Design”
![Page 7: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/7.jpg)
ENTERPRISE ARCHITECTURE & ARCHIMATE
![Page 8: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/8.jpg)
EA / ArchiMate: Integrated Models
Process architecture
Application architecture Technical architecture
Information architecture Product architecture
?
?
?
?
?Physical architecture
Strategy & Motivation
![Page 9: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/9.jpg)
The Case for Enterprise Architecture
![Page 10: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/10.jpg)
The ArchiMate Language
ArchiMate languageHigh-level
modelling
within
domains
Modelling relationships
between domains
Visualizations
AnalysisRelating detailed
design models
A basis for
![Page 11: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/11.jpg)
ArchiMate Core Framework
Application Layer
Technology Layer
Business Layer
Layers
Aspects
Passivestructure
Behavior Activestructure
![Page 12: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/12.jpg)
Bu
sin
ess
Ap
plicatio
nTe
ch
nolo
gy
Passive
structure BehaviorActive
structure
ArchiMate Core Language
![Page 13: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/13.jpg)
ArchiMate 3.0 Framework
![Page 14: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/14.jpg)
RISK & SECURITY MODELING WITH ARCHIMATE
![Page 15: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/15.jpg)
ArchiMate Risk Project
• Collaboration of ArchiMate Forum and Security Forum
• Two areas of concern:
• Risk analysis
• Security deployment (risk mitigation)
• Investigate how (specializations of) existing ArchiMate
concepts (Core and extensions) can be used
• Inspired on well-established risk
and security standards and
frameworks, including COSO,
ISO 27001, FAIR, SABSA
• White paper published
![Page 16: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/16.jpg)
Concepts• Risk
• Threat (event)
• Threat agent
• Attack
• Loss event
• Vulnerability
• Domain
• Control objective
• (Required) Control measure
• Asset (at risk)
• (Risk / Security) Policy
• (Risk / Security) Principle
![Page 17: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/17.jpg)
Main Risk & Security Concepts (Informal)
Loss event Risk
of an
Makes use ofmay
cause
to an
quantifies(loss frequency
magnitude)
protects
prevents /
remedies
“External”
Vulnerability AssetControlmeasure
“Internal”
requires
Threat event /
Attack
![Page 18: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/18.jpg)
A “Risk Overlay” for ArchiMate
![Page 19: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/19.jpg)
ERSM Process
Analysis
ArchiMate
Core
Design
Implementation /
Operations91
2
3
46
7
8
5
Risk assessment1. Monitoring
2. Vulnerabilities
3. Threats
4. Risks
Security deployment5. Security policy & principles
6. Control objectives
(Security requirements)
7. Requirements for
control measures
8. Design of control
measures
9. Operational control
measures
![Page 20: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/20.jpg)
ArchiMate
Core
91
2
3
46
7
8
5
![Page 21: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/21.jpg)
Example: Online Payment
![Page 22: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/22.jpg)
Assets
![Page 23: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/23.jpg)
Vulnerabilities
![Page 24: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/24.jpg)
Threats
![Page 25: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/25.jpg)
Risk Assessment
![Page 26: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/26.jpg)
Control Objectives
![Page 27: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/27.jpg)
Design of Controls
![Page 28: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/28.jpg)
Deployment of Controls
![Page 29: Enterprise Architecture- Based Risk and Security Modelling ...](https://reader031.fdocuments.us/reader031/viewer/2022020910/62008b964be709741b2a605b/html5/thumbnails/29.jpg)
Conclusions• Current risk management approaches, working in isolation,
fall short in the complexity of current organizations
• The ArchiMate language provides the
hooks for integrated risk & security
modeling, integrated with EA
• Specializations of existing ArchiMate
concepts suffice for risk and security
modelling
• ArchiMate 3.0 offers new possibilities for
modelling, among others, physical risk
and security
• Risk & security-enhanced ArchiMate
models support risk analysis and
visualization, and “Security by Design”